package com.bd.msdp.auth.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@Order(10)
public class UiResourceConfiguration extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		
		System.out.println("UiResourceConfiguration");
		
		// @formatter:off
		http
			.requestMatchers().antMatchers("/photos/**","/me")
		.and()
			.authorizeRequests()
			.antMatchers("/me").access("hasRole('ROLE_USER')")
			.antMatchers("/photos").access("hasRole('ROLE_USER')")
			.antMatchers("/photos/trusted/**").access("hasRole('ROLE_USER')")
			.antMatchers("/photos/user/**").access("hasRole('ROLE_USER')")
			.antMatchers("/photos/**").access("hasRole('ROLE_USER')");
		// @formatter:on
	}
}
